package com.suoluo.zenapp.controllers.api;

import javax.annotation.Resource;

import net.paoding.rose.web.ControllerInterceptorAdapter;
import net.paoding.rose.web.Invocation;

import com.suoluo.zenapp.common.encrypt.EncryptUtil;
import com.suoluo.zenapp.pojo.dest.DestVersionPOJO;
import com.suoluo.zenapp.service.dest.DestService;

public class APIInterceptor extends ControllerInterceptorAdapter{

	@Resource(name="destService")
	private DestService destService;
	
	@Override
	protected Object before(Invocation inv) throws Exception {
		
		String secret = inv.getParameter("secret");
		String time = inv.getParameter("time");
		int destId = Integer.parseInt(inv.getParameter("destId"));
		
		//1.获取目的地库里保存的token
		DestVersionPOJO pojo  = destService.findVersionByDestId(destId);
		if(pojo == null)
		{
			return "@json:{resultCode:1003,resultMsg:该目的地不存在！}";
		}
		StringBuilder temp = new StringBuilder(pojo.getToken());
		temp.append(time);
		//2.验证secret
		String tempSecret = EncryptUtil.md5(temp.toString());
		if(tempSecret.equals(secret))
		{
			return true;
		}
		return "@json:{resultCode:1001,resultMsg:应用token错误，secret是md5(token+time)加密后的结果！}";
		
	}

	public DestService getDestService() {
		return destService;
	}

	public void setDestService(DestService destService) {
		this.destService = destService;
	}
	

}
